From fda86e23e94e33534616e509933499fde6497852 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mitre.org>
Date: Tue, 20 Nov 2012 13:12:21 -0500
Subject: [PATCH] moved everything to use the consumes/produces framework of
 Spring 3.1

---
 .../openid/connect/web/ApprovedSiteAPI.java   |  7 +++---
 .../openid/connect/web/BlacklistAPI.java      | 11 +++++----
 .../mitre/openid/connect/web/ClientAPI.java   | 23 ++++++++++++-------
 .../ClientDynamicRegistrationEndpoint.java    |  6 ++---
 .../connect/web/JsonWebKeyEndpoint.java       |  2 +-
 .../mitre/openid/connect/web/StatsAPI.java    |  2 +-
 .../openid/connect/web/UserInfoEndpoint.java  |  2 +-
 .../openid/connect/web/WhitelistAPI.java      | 11 +++++----
 .../swd/web/SimpleWebDiscoveryEndpoint.java   |  4 ++--
 9 files changed, 39 insertions(+), 29 deletions(-)

diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
index 50dfcbd0b..813571b7c 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
@@ -34,7 +34,7 @@ public class ApprovedSiteAPI {
 	 * @param m
 	 * @return
 	 */
-	@RequestMapping(method = RequestMethod.GET, headers = "Accept=application/json")
+	@RequestMapping(method = RequestMethod.GET, produces = "application/json")
 	public String getAllApprovedSites(ModelMap m, Principal p) {
 		
 		Collection<ApprovedSite> all = approvedSiteService.getByUserId(p.getName());
@@ -48,7 +48,7 @@ public class ApprovedSiteAPI {
 	 * Delete an approved site
 	 * 
 	 */
-	@RequestMapping(value="/{id}", method = RequestMethod.DELETE, headers = "Accept=application/json")
+	@RequestMapping(value="/{id}", method = RequestMethod.DELETE)
 	public String deleteApprovedSite(@PathVariable("id") Long id, ModelMap m, Principal p) {
 		ApprovedSite approvedSite = approvedSiteService.getById(id);
 		
@@ -57,6 +57,7 @@ public class ApprovedSiteAPI {
 		} else if (!approvedSite.getUserId().equals(p.getName())) {
 			m.put("code", HttpStatus.FORBIDDEN);
 		} else {
+			m.put("code", HttpStatus.OK);
 			approvedSiteService.remove(approvedSite);
 		}		
 		
@@ -66,7 +67,7 @@ public class ApprovedSiteAPI {
 	/**
 	 * Get a single approved site
 	 */
-	@RequestMapping(value="/{id}", method = RequestMethod.GET, headers = "Accept=application/json")
+	@RequestMapping(value="/{id}", method = RequestMethod.GET, produces = "application/json")
 	public String getApprovedSite(@PathVariable("id") Long id, ModelMap m, Principal p) {
 		ApprovedSite approvedSite = approvedSiteService.getById(id);
 		if (approvedSite == null) {
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
index 98d8d3b59..618cbeabf 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
@@ -43,7 +43,7 @@ public class BlacklistAPI {
 	 * @param m
 	 * @return
 	 */
-	@RequestMapping(method = RequestMethod.GET, headers = "Accept=application/json")
+	@RequestMapping(method = RequestMethod.GET, produces = "application/json")
 	public String getAllBlacklistedSites(ModelMap m) {
 		
 		Collection<BlacklistedSite> all = blacklistService.getAll();
@@ -60,7 +60,7 @@ public class BlacklistAPI {
 	 * @param p
 	 * @return
 	 */
-	@RequestMapping(method = RequestMethod.POST, headers = "Accept=application/json")
+	@RequestMapping(method = RequestMethod.POST, consumes = "application/json", produces = "application/json")
 	public String addNewBlacklistedSite(@RequestBody String jsonString, ModelMap m, Principal p) {
 		
 		JsonObject json = parser.parse(jsonString).getAsJsonObject();
@@ -78,7 +78,7 @@ public class BlacklistAPI {
 	/**
 	 * Update an existing blacklisted site
 	 */
-	@RequestMapping(value="/{id}", method = RequestMethod.PUT, headers = "Accept=application/json")
+	@RequestMapping(value="/{id}", method = RequestMethod.PUT, consumes = "application/json", produces = "application/json")
 	public String updateBlacklistedSite(@PathVariable("id") Long id, @RequestBody String jsonString, ModelMap m, Principal p) {
 		
 		JsonObject json = parser.parse(jsonString).getAsJsonObject();
@@ -104,13 +104,14 @@ public class BlacklistAPI {
 	 * Delete a blacklisted site
 	 * 
 	 */
-	@RequestMapping(value="/{id}", method = RequestMethod.DELETE, headers = "Accept=application/json")
+	@RequestMapping(value="/{id}", method = RequestMethod.DELETE)
 	public String deleteBlacklistedSite(@PathVariable("id") Long id, ModelMap m) {
 		BlacklistedSite blacklist = blacklistService.getById(id);
 		
 		if (blacklist == null) {
 			m.put("code", HttpStatus.NOT_FOUND);
 		} else {
+			m.put("code", HttpStatus.OK);
 			blacklistService.remove(blacklist);
 		}		
 		
@@ -120,7 +121,7 @@ public class BlacklistAPI {
 	/**
 	 * Get a single blacklisted site
 	 */
-	@RequestMapping(value="/{id}", method = RequestMethod.GET, headers = "Accept=application/json")
+	@RequestMapping(value="/{id}", method = RequestMethod.GET, produces = "application/json")
 	public String getBlacklistedSite(@PathVariable("id") Long id, ModelMap m) {
 		BlacklistedSite blacklist = blacklistService.getById(id);
 		if (blacklist == null) {
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
index 01af43bc0..39a1a1eb7 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
@@ -22,6 +22,7 @@ import org.mitre.oauth2.exception.ClientNotFoundException;
 import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.oauth2.service.ClientDetailsEntityService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -55,7 +56,7 @@ public class ClientAPI {
      * @param modelAndView
      * @return
      */
-    @RequestMapping(method = RequestMethod.GET, headers="Accept=application/json")
+    @RequestMapping(method = RequestMethod.GET, produces = "application/json")
     public ModelAndView apiGetAllClients(ModelAndView modelAndView) {
 
         Collection<ClientDetailsEntity> clients = clientService.getAllClients();
@@ -72,7 +73,7 @@ public class ClientAPI {
      * @param principal
      * @return
      */
-    @RequestMapping(method = RequestMethod.POST, headers = "Accept=application/json")
+    @RequestMapping(method = RequestMethod.POST, consumes = "application/json", produces = "application/json")
     public String apiAddClient(@RequestBody String jsonString, Model m, Principal principal) {
 
     	JsonObject json = parser.parse(jsonString).getAsJsonObject();
@@ -108,7 +109,7 @@ public class ClientAPI {
      * @param principal
      * @return
      */
-    @RequestMapping(value="/{id}", method = RequestMethod.PUT, headers = "Accept=application/json")
+    @RequestMapping(value="/{id}", method = RequestMethod.PUT, consumes = "application/json", produces = "application/json")
     public String apiUpdateClient(@PathVariable("id") Long id, @RequestBody String jsonString, Model m, Principal principal) {
     	
     	// TODO: sanity check if the thing really is a JSON object
@@ -148,13 +149,19 @@ public class ClientAPI {
      * @param modelAndView
      * @return
      */
-    @RequestMapping(value="/{id}", method=RequestMethod.DELETE, headers="Accept=application/json")
+    @RequestMapping(value="/{id}", method=RequestMethod.DELETE)
     public String apiDeleteClient(@PathVariable("id") Long id, ModelAndView modelAndView) {
 
         ClientDetailsEntity client = clientService.getClientById(id);
-        clientService.deleteClient(client);
-
-        return "jsonClientView";
+        
+		if (client == null) {
+			modelAndView.getModelMap().put("code", HttpStatus.NOT_FOUND);
+		} else {
+			modelAndView.getModelMap().put("code", HttpStatus.OK);
+			clientService.deleteClient(client);
+		}		
+		
+		return "httpCodeView";
     }
 
 
@@ -164,7 +171,7 @@ public class ClientAPI {
      * @param modelAndView
      * @return
      */
-    @RequestMapping(value="/{id}", method=RequestMethod.GET, headers="Accept=application/json")
+    @RequestMapping(value="/{id}", method=RequestMethod.GET, produces = "application/json")
     public ModelAndView apiShowClient(@PathVariable("id") Long id, ModelAndView modelAndView) {
         ClientDetailsEntity client = clientService.getClientById(id);
         if (client == null) {
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
index 1f95a0842..215abe2e8 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
@@ -169,7 +169,7 @@ public class ClientDynamicRegistrationEndpoint {
 		});
 	}
 	
-	@RequestMapping(params = "type=client_associate")
+	@RequestMapping(params = "type=client_associate", produces = "application/json")
 	public String clientAssociate(
 			@RequestParam(value = "contacts", required = false) Set<String> contacts,
 			@RequestParam(value = "application_type", required = false) AppType applicationType,
@@ -248,7 +248,7 @@ public class ClientDynamicRegistrationEndpoint {
 		return "clientAssociate";
 	}
 	
-	@RequestMapping(params = "type=rotate_secret")
+	@RequestMapping(params = "type=rotate_secret", produces = "application/json")
 	public String rotateSecret(@RequestParam("client_id") String clientId, @RequestParam("client_secret") String clientSecret, ModelMap model) {
 		
 		ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
@@ -271,7 +271,7 @@ public class ClientDynamicRegistrationEndpoint {
 		return "clientAssociate";
 	}
 	
-	@RequestMapping(params = "type=client_update")
+	@RequestMapping(params = "type=client_update", produces = "application/json")
 	public String clientUpdate(
 			@RequestParam("client_id") String clientId, 
 			@RequestParam("client_secret") String clientSecret,
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java
index efce7b4b5..cdb2c00ac 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java
@@ -30,7 +30,7 @@ public class JsonWebKeyEndpoint {
 	@Autowired
 	JwtSigningAndValidationService jwtService;
 	
-	@RequestMapping("/jwk")
+	@RequestMapping(value = "/jwk", produces = "application/json")
 	public ModelAndView getJwk() {
 		
 		// map from key id to signer
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
index b2675630a..0da17073b 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
@@ -17,7 +17,7 @@ public class StatsAPI {
 	@Autowired
 	private StatsService statsService;
 	
-	@RequestMapping("summary")
+	@RequestMapping(value = "summary", produces = "application/json")
 	public String statsSummary(ModelMap m) {
 		
 		Map<String, Integer> e = statsService.calculateSummaryStats();
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
index 193c5a843..d619275de 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
@@ -65,7 +65,7 @@ public class UserInfoEndpoint {
 	 * @throws InvalidScopeException if the oauth2 token doesn't have the "openid" scope
 	 */
 	@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
-	@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST})
+	@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST}, produces = "application/json")
 	public String getInfo(Principal p, @RequestParam("schema") String schema, Model model) {
 
 		if (p == null) {
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
index dad39937e..bc936bf2d 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
@@ -42,7 +42,7 @@ public class WhitelistAPI {
 	 * @param m
 	 * @return
 	 */
-	@RequestMapping(method = RequestMethod.GET, headers = "Accept=application/json")
+	@RequestMapping(method = RequestMethod.GET, produces = "application/json")
 	public String getAllWhitelistedSites(ModelMap m) {
 		
 		Collection<WhitelistedSite> all = whitelistService.getAll();
@@ -59,7 +59,7 @@ public class WhitelistAPI {
 	 * @param p
 	 * @return
 	 */
-	@RequestMapping(method = RequestMethod.POST, headers = "Accept=application/json")
+	@RequestMapping(method = RequestMethod.POST, consumes = "application/json", produces = "application/json")
 	public String addNewWhitelistedSite(@RequestBody String jsonString, ModelMap m, Principal p) {
 		
 		JsonObject json = parser.parse(jsonString).getAsJsonObject();
@@ -80,7 +80,7 @@ public class WhitelistAPI {
 	/**
 	 * Update an existing whitelisted site
 	 */
-	@RequestMapping(value="/{id}", method = RequestMethod.PUT, headers = "Accept=application/json")
+	@RequestMapping(value="/{id}", method = RequestMethod.PUT, consumes = "application/json", produces = "application/json")
 	public String updateWhitelistedSite(@PathVariable("id") Long id, @RequestBody String jsonString, ModelMap m, Principal p) {
 		
 		JsonObject json = parser.parse(jsonString).getAsJsonObject();
@@ -106,13 +106,14 @@ public class WhitelistAPI {
 	 * Delete a whitelisted site
 	 * 
 	 */
-	@RequestMapping(value="/{id}", method = RequestMethod.DELETE, headers = "Accept=application/json")
+	@RequestMapping(value="/{id}", method = RequestMethod.DELETE)
 	public String deleteWhitelistedSite(@PathVariable("id") Long id, ModelMap m) {
 		WhitelistedSite whitelist = whitelistService.getById(id);
 		
 		if (whitelist == null) {
 			m.put("code", HttpStatus.NOT_FOUND);
 		} else {
+			m.put("code", HttpStatus.OK);
 			whitelistService.remove(whitelist);
 		}		
 		
@@ -122,7 +123,7 @@ public class WhitelistAPI {
 	/**
 	 * Get a single whitelisted site
 	 */
-	@RequestMapping(value="/{id}", method = RequestMethod.GET, headers = "Accept=application/json")
+	@RequestMapping(value="/{id}", method = RequestMethod.GET, produces = "application/json")
 	public String getWhitelistedSite(@PathVariable("id") Long id, ModelMap m) {
 		WhitelistedSite whitelist = whitelistService.getById(id);
 		if (whitelist == null) {
diff --git a/openid-connect-server/src/main/java/org/mitre/swd/web/SimpleWebDiscoveryEndpoint.java b/openid-connect-server/src/main/java/org/mitre/swd/web/SimpleWebDiscoveryEndpoint.java
index 379aa5501..74eb44003 100644
--- a/openid-connect-server/src/main/java/org/mitre/swd/web/SimpleWebDiscoveryEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/swd/web/SimpleWebDiscoveryEndpoint.java
@@ -34,7 +34,7 @@ public class SimpleWebDiscoveryEndpoint {
 	ConfigurationPropertiesBean config;
 	
 	@RequestMapping(value="/.well-known/simple-web-discovery", 
-					params={"principal", "service=http://openid.net/specs/connect/1.0/issuer"})
+					params={"principal", "service=http://openid.net/specs/connect/1.0/issuer"}, produces = "application/json")
 	public ModelAndView openIdConnectIssuerDiscovery(@RequestParam("principal") String principal, ModelAndView modelAndView) {
 		
 		String baseUrl = config.getIssuer();
@@ -54,7 +54,7 @@ public class SimpleWebDiscoveryEndpoint {
 	}
 	
 	@RequestMapping(value={"/.well-known/host-meta", "/.well-known/host-meta.json"},
-			params={"resource", "rel=http://openid.net/specs/connect/1.0/issuer"})
+			params={"resource", "rel=http://openid.net/specs/connect/1.0/issuer"}, produces = "application/json")
 	public ModelAndView xrdDiscovery(@RequestParam("resource") String resource, ModelAndView modelAndView) {
 		
 		Map<String, String> relMap = new HashMap<String, String>();